HiI'm currently building a lawnmower robot. I plan to use a mega 2560 with wifi and GPS for the robot.To avoid that the robot "can be used elsewhere" and to be able to trace the robot if someone has "displaced my robot" ] I would like to add some security to my robot start-up sequence.The idea is as follows. At start-up the robot waits for the GPS and wifi to be active.Using the wifi the GPS location, date, time and robot ID is send to a server. The server provides a go/nogo to the robot.To avoid middle man and other ways to avoid my security measurements, I need to encrypt the information send between the robot and the server. I'm very well aware I don't need a "high security level for this" but having everything readable to a sniffer is not an option. I have been reading up on security algorithms but most algorithms I've been reading seem pretty hard to implement on a 8 bit processor. (and to be hones I'm not getting more than the concepts)So my question is: "are there Algorithms available to Arduino that could support my scenario?" I'm thinking of DES, 3DES, MD5, SHA-1, RSA, AES ....? But I am interested in any "cryptographic algorithm that is implemented and publicly available".Best regardsJantje

Do not PM me a question unless you are prepared to pay for consultancy.Nederlandse sectie - http://arduino.cc/forum/index.php/board,77.0.html -

You don't just need to use cryptography, you need a cryptographic protocol that is secure. For instance you probably want to be secure against a "replay attack" where the attacker eavesdrops one of your sessions and then just replays the server-side responses - if you haven't made provision to prevent this it won't matter if you use encryption or not. (And the attacker doesn't have to know anything about your system, just try the replayed session).

First though you need to make a realistic assessment of your "threat model" - what kind of attacker is there likely to be and what might they be able to do - they make sure you've provided for those attack modes.

MarkTThanks for the advise and link.I'm not so much scared about the replay attack. Why? I'm including the gps location and the GPS received date and time. The server should respond with this information so a replay can not be done. And I'm not worried about people trying to do a replay each time the robot is restarted (which is at least 1's a year) in general as it is to cumbersome (they may just as well rewrite the Arduino code).I'm just hoping that trying to start the robot will unveil the robot's gps location to me. Which is not so obvious as I use encrypted wifi with a specific SSID at home. The likelihood that the robot will be able to connect "as such" at the "new location" are next to null. Some "intelligence" and "hacking" will need to be done before I even can hope on receiving a gps location on my server. That is basically why I do not want to put to much effort in the protocol and I'm looking for a "available" protocol.I'll look into the link tonight.Best regardsJantje

ps Note that as I plan to use a standard arduino with shields. This hardware remains vulnerable so it doesn't help investing in a watertight software solution.

Do not PM me a question unless you are prepared to pay for consultancy.Nederlandse sectie - http://arduino.cc/forum/index.php/board,77.0.html -

Wauw Much more response than I had hoped for. So Now I have an implemented SHA-1, SHA-256, HMAC-SHA-1 and HMAC-SHA-256 and AES As far as I can see they are all good enough for me.I have been looking at both libraries and I fear some basic knowledge is still missing here Assume I say my robot ID is 16Bits (int) , The GPS coordinates are 64 bits (2longs) and the date and time take 48 bit (6 Bytes).So my message is binary wise 128 bit or 16 bytes.

Using AESThis turns out to be exactly 1 N_BLOC in the AES library. So I can easily encrypt and decrypt this to another N_BLOC.I assume I then will have to convert this binary to a ASCII string to send it over the Ethernet module.My first question is: Assume I had 17 bytes. Do I pad those with garbage to get to 32 bites? and do 2 blocks?

Using SHAI guess i first convert the bits to a string and then call the SHA function. What is not clear to me is what the readme file states

Quote

The hash result is then stored in hash[0], hash[1] .. hash[19].

My second question isDo I always get a hash from the same size? My third question is:If the web sever sends an encrypted message back how can I decrypt? I mean I haven't found a decrypt method in the readme. (I havn't unpacked yet)

In both casesIs there a good implemented "covert bin to char" (and the other way around) algorithm?Do I only need to send this hash? I mean: does the decrypt get me back to my original message?As Arduino is an 8 bit platform and the server will be 32 or 64. Will this be compatible?

Best regardsJantje

Do not PM me a question unless you are prepared to pay for consultancy.Nederlandse sectie - http://arduino.cc/forum/index.php/board,77.0.html -

I selected the AES as it had encrypt and decrypt. and I got the AES library to work I had some issues so I wanted to share the code.The sketch below is my test program and it shows how to use the AES library.It is long because there is plenty of checking and debugging info added because it just didn't work (I had 6 as keylength :0).

If I were you I would be less concerned about somebody using the device without permission, and more concerned about somebody stealing the hardware. If you have a proprietary control interface it's vanishingly unlikely that anyone would be willing and able to put the effort in to breaking into it - but that won't stop them nicking it.

I only provide help via the forum - please do not contact me for private consultancy.

If I were you I would be less concerned about somebody using the device without permission, and more concerned about somebody stealing the hardware.

I don't quite see the difference between "using without permission" and stealing.If they steal the device I hope they try to "use it without permission" and by doing so they tell me where the device is. Doing the telling without permission would be very easy to hack.How would you advice to avoid nicking a lawnmower robot? Best regardsJantje

Do not PM me a question unless you are prepared to pay for consultancy.Nederlandse sectie - http://arduino.cc/forum/index.php/board,77.0.html -

We are on a similar encryption journey. I have hit the N_BLOCK limit using this AES library and am loosing the remaining transmission text. To get around it, I am attempting multi-dimentional arrays of plaintext & ciphertext and rebuilding at the end. If you completed any more on this, I would be delighted to see. If not, I can keep you posted with my progress (or lack of!).

BTW, security is good for a bot, 3rd parties could cause it to misbehave, but you would be liable for the damage.

I don't quite see the difference between "using without permission" and stealing.

'Stealing' means simply picking it up and carrying it off. Whether it's any good to them as a lawnmower, or as a bunch of parts, or just a useless box of junk they will sling off a bridge when they realise it's of no value to them, that's no consolation to you. The important thing is that you no longer have it. The fact it's hard for anyone else to use it as a lawnmower won't stop them stealing it and in no way secures your property. The only benefit I can see from your proposed security is to stop somebody from accidentally/deliberately causing it to do the wrong thing while it's playing in your garden.

I only provide help via the forum - please do not contact me for private consultancy.

1) Dig a very big hole in your garden.2) Fill with concrete with a big steel ring set into the top. 3) Chain the lawnmover, with a very heavy chain and padlock, to the ring.As additional security4) Connect the metal parts of you mower to 240v AC ]